Tuesday, June 5, 2012

Configuring BGP - BGP Backdoor

At one point or another we have all sneaked into our parent's house through the backdoor. Well we are going to be talking about something very similar, however instead of parents house and a sneaking teenager ;) we are going to be discussing about sneaking routes into the routing table via BGP backdoor.

Our objective is to prefer a IGP learned route instead of a eBGP learned route. As we all know that for the most part AD (Administrative distance) dictates what routes gets installed in the routing table.

Consider this simple topology and let's get started.


A brief overview of Administrative distance as used by Cisco routers. 

Directly Connected Route - 0
Static route - 1
eBGP - 20
Internal EIGRP - 90
OSPF - 110
iBGP - 200

Now let's get started on the configurations. First let's get R2, R3, R4 interfaces configured. 

  1. Assign an IP address to R2 Serial 1/0 interface. 
  2. Assign an IP address to R2 Fast 2/0 interface. 
  3. Assign an IP address to R2 Loopback 1.
  1. Assign an IP address to R3 Serial 1/1 interface
  2. Assign an IP address to R3 Fast 2/0 interface. 
  3. Assign an IP address to R3 Loopback 1.
  1. Assign an IP address to R4 Serial 1/1 interface.
  2. Assign an IP address to R4 Serial 1/0 interface.
  3. Assign an IP address to R4 Loopback 1 interface. 
Now that we have the IP addresses configured we can now move onto the routing protocol section. First we will get BGP configured between R2 and R4 and R4 and R3. Then we will configure OSPF between R2 and R3.

  1. Create a new instance of BGP.
  2. Create the network statement to advertise the loopback into BGP.
  3. Redistribute connected so all routes can be propagated.
  4. Create the neighbor statement.  

  1. Create a new instance of BGP. 
  2. Create a network statement to advertise the loopback into BGP.
  3. Redistribute connected so all routes can be propagated. 
  4. Create the neighbor statement for R3 and R2 routers. 
  1. Create a new instance of BGP.
  2. Create a network statement to advertise the loopback into BGP.
  3. Create the neighbor statement. 

Now that we are done with BGP, let's get OSPF (IGP) between R2 and R3.
  1. Create a new instance of OSPF.
  2. Get the network statements to advertise subnets and become neighbors.
Same as above. Finishing up the OSPF configurations. 


Let's verify the routing table on R2. We should have all BGP learned routes in the routing table since BGP has a lower AD (Administrative Distance) than OSPF. 


We know that we have a FASTETHERNET connection to between R3 and R2 and we are still using the slow path of R2 -> R4 -> R3 to get to R3's loopback. As you can see OSPF has the route for 3.3.3.3/32.


So how do we fix this? 

We have 2 options:
  1. Adjusting bgp distance using bgp distance under bgp configuration *Not recommended*.
  2. Create a backdoor statement. 
Let's look at BGP backdoor since the post is labelled backdoor. 


Under bgp configuration type 'network <network to be snuck in through the backdoor> mask <netmask> <backdoor>'

So now that we are done with configuring backdoor for 3.3.3.3/32 let's check out R2's routing table again. 


As you can see now the router immediately installs the OSPF learned route for 3.3.3.3/32 even though OSPF A/D is higher than the eBGP learned route. 

Conclusion

Another easy to follow and a simple blogtorial. BGP backdoor is not very common, however they come in very handy when you trying to 'hack-up' something or have some strange technical constraint. I have used BGP backdoor one time in my networking career to rig up some VPN + eBGP + iBGP + OSPF + a single multihomed setup.

Configurations for all the routers on this lab can be found here

Please comment/subscribe/+1 if you find this article helpful as it definitely motivates me to write more articles especially at 1am in the morning.